A controversial law firm known for pursuing alleged copyright infringers faces a £500,000 fine after over 8,000 people's data was leaked. ACS:Law is under investigation by the Information Commissioner's Office after the details of 8,000 Sky customers and 400 PlusNet users were made publicly available.

The leaked lists involved contain the names, addresses, IP addresses and case notes of customers suspected of downloading adult films or sharing copyrighted material. The BBC reports that, in some cases, credit-card details have also been revealed.

Where did the lists come from?

The data was spotted in an unencrypted file left open to the Web in the wake of a DDoS attack on the ACS:Law website. The attack targeted ACS:Law because of its controversial policy of writing to alleged file sharers demanding £500 fines, something that's earned ACS:Law partner Andrew Crossley his third disciplinary tribunal in front of the Solicitors Regulation Authority.

ACS:Law will be investigated separately by the Information Commissioner over the data breach. The Information Commissioner will look at the firm's encryption, firewall and staff-training processes, and could potentially levy up to a £500,000 fine.

Copyrights and wrongs

The breach has both short- and long-term repercussions for the copyright debate. In the short term, it damages the credibility of ACS:Law, and, in the long term, also highlights the potential problems of collecting lists like this -- something that the Digital Economy Act is commonly criticised for encouraging.

Have you been affected by the leak? Have you been contacted by ACS:Law, Davenport Lyons, or another law firm, in connection with accusations of illegal file-sharing? Let us know in the comments section below.

About the author

Rich Trenholm is a senior editor at CNET where he covers everything from phones to bionic implants. Based in London since 2007, he has travelled the world seeking out the latest and best consumer technology for your enjoyment.
See full bio